Feature Requests - Page 21 - Burp Suite User Forum

Request and Response Timings in proxy history and site map

OWASP ZAP shows the RTT in the request history which makes it very easy to manually test and spot potential timing based attacks. I know these timings can been tested / seen in the repeater and intruder... but knowing which...

Rename Intruder attacks saved to project

It's really useful to save some intruder attacks to the project file. However, without a way to name them on the dashboard, it can be hard to find the correct one. I know you can name intruder tabs, but this name doesnt seem...

auto replace websocket request messages

hello best app ever is there anyway to auto replace websocket request messages ? or if there are any extension do that can someone show us how :D

deletion

Please delete my account

BurpSuite Certified Practitioner exam

Hello Team, This is Himanshu. I have purchased a burp suite certified practitioner exam on 5th oct 2021. Can i give the exam tomorrow i.e; on 5th oct 2022 or 4th oct 2022 is the last day to give exam.? Thank...

Possibility to filter out HTTP-status code in the "Content discovery"

Hi I would like to suggest inclusion of a new function: the possibility of excluding some HTTP-status codes in the responses in the "Content discovery" tool. I see that some sites like to "bounce you back" with 301s. You...

Please bring "Delete item(s)" to Intruder back!

The "Delete item(s)" item submenu feature in Intruder is missing for a lot of time now. E.g., version 2020.6 still has it, but from that version to today somewhere in the middle it was removed. Newer version cannot delete...

Access current theme from extension

I want to find out whether a user uses light mode or dark mode using the Extender API, so that I can pick an appropriate font color in my extension. The new Montoya API has a Theme enum, but there doesn't seem to be any...

Add a rule action "sleep" or fix the delay between seconds for the resource pool

Consider the following scenario: For logging in, you need to have a valid CSRF token. The standard way to solve that in Burp is to use a macro that fetches the token. But in this web app, the token is unique for every...

Arrow keys to navigate on Dashboard > Issue activity panel

I would like to be able to use the keyboard arrow keys to navigate up and down on the Dashboard > Issue activity panel when it has focus. I would like it to work exactly the same way as using the arrows keys to navigate...

No more activations allowed for this license.

I just migrated from windows laptop to another laptop, I activated license twice in windows and vm on the host. When I tried to activate burp pro in arch, it showed the issue 'No more activations allowed for this license'. I...

button on repeater tab to set cookies

like the follow redirect button, it would be nice to have a button to set all cookies

Regarding the completion requirements of blind SQLi OAST labs

Hello, I've been going through the blind SQLi section and reached the OAST labs. However, I don't own the professional version of Burp Suite (yet). I believe it'd be educationally valuable if the exercise's completion...

Have a "V" Mark on Automatically Edited Requests or Responses

When I use Match & Replace, I don't see a "V" mark in the "Edited" column for requests or responses that were indeed automatically edited. I'm not sure if this is a bug or a feature request, but it'd be great to have...

Persistent Burp Collaborator

Can we get a Persistent Collaborator? By Persistent Collaborator I mean even if we close out of the Collaborator client the payloads are can be saved on the private server. It would be nice to have at least for the Pro...

Activation licence

Dear Team, I am unable to activate my additional license. Getting an error with Activation Failed "No more activations allowed for this license." Could you please support or clear the existing device? Regards.

Activation License

I am unable to activate my license. Getting an error with Activation Failed "No more activations allowed for this license." Could you please support or clear the existing device?

TLS certificate nickname

Hi, Please make it possible to give tags or nicknames to TLS client certificates. If I create multiple certificates for the same domain, I have no way to differentiate between them. In addition, I noticed that it takes...

Collaborator - Could Timestamp include milliseconds?

A minor but really helpful feature request would be to have Collaborator display the timestamp with milliseconds that the request was received, when requests are received very rapidly (e.g. DNS + HTTP) it is sometimes...

Temporary access to Burp Collaborator

Hello, I've just started out the Academy and I'm very new but also very interested in this world. I'm trying to finish the Blind SQL Injection section where you've to practice the OAST but I can't. I don't have the Pro...